-
Notifications
You must be signed in to change notification settings - Fork 70
Expand file tree
/
Copy pathdocker-compose.yaml
More file actions
185 lines (175 loc) · 5.79 KB
/
docker-compose.yaml
File metadata and controls
185 lines (175 loc) · 5.79 KB
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
147
148
149
150
151
152
153
154
155
156
157
158
159
160
161
162
163
164
165
166
167
168
169
170
171
172
173
174
175
176
177
178
179
180
181
182
183
184
185
services:
# nginx reverse proxy to support dns lookup
nginx-proxy:
image: nginxproxy/nginx-proxy:1.6.0-alpine
container_name: proxy
restart: always
ports:
- "80:80"
volumes:
- /var/run/docker.sock:/tmp/docker.sock:ro
environment:
DEFAULT_HOST: aasgui.basyx.localhost
networks:
- basyx-java-server-sdk
# AAS Environment
aas-env:
image: eclipsebasyx/aas-environment:$BASYX_VERSION
container_name: aas-env-rbac
extra_hosts:
- "keycloak.basyx.localhost:host-gateway"
volumes:
- ./aas:/application/aas
- ./basyx/aas-env.properties:/application/application.properties
- ./basyx/rules/aas_env_rbac_rules.json:/application/rbac_rules.json
ports:
- '8081:8081'
restart: always
environment:
VIRTUAL_HOST: aasenv.basyx.localhost
VIRTUAL_PORT: "8081"
depends_on:
aas-registry:
condition: service_healthy
sm-registry:
condition: service_healthy
networks:
- basyx-java-server-sdk
# AAS Registry
aas-registry:
image: eclipsebasyx/aas-registry-log-mem:$BASYX_VERSION
container_name: secured-aas-registry-log-mem-rbac
extra_hosts:
- "keycloak.basyx.localhost:host-gateway"
ports:
- "8082:8080"
environment:
VIRTUAL_HOST: aasreg.basyx.localhost
VIRTUAL_PORT: "8080"
SERVER_SERVLET_CONTEXT_PATH: /
BASYX_CORS_ALLOWED_ORIGINS: '*'
BASYX_CORS_ALLOWED_METHODS: GET,POST,PATCH,DELETE,PUT,OPTIONS,HEAD
BASYX_FEATURE_AUTHORIZATION_ENABLED: true
BASYX_FEATURE_AUTHORIZATION_TYPE: rbac
BASYX_FEATURE_AUTHORIZATION_JWTBEARERTOKENPROVIDER: keycloak
SPRING_SECURITY_OAUTH2_RESOURCESERVER_JWT_ISSUER_URI: http://keycloak.basyx.localhost/realms/BaSyx
BASYX_FEATURE_AUTHORIZATION_RBAC_FILE: file:/workspace/config/rbac_rules.json
volumes:
- ./basyx/rules/aas_registry_rbac_rules.json:/workspace/config/rbac_rules.json
restart: always
depends_on:
keycloak-healthcheck:
condition: service_completed_successfully
networks:
- basyx-java-server-sdk
# Submodel Registry
sm-registry:
image: eclipsebasyx/submodel-registry-log-mem:$BASYX_VERSION
container_name: secured-sm-registry-log-mem-rbac
extra_hosts:
- "keycloak.basyx.localhost:host-gateway"
environment:
VIRTUAL_HOST: smreg.basyx.localhost
VIRTUAL_PORT: "8080"
SERVER_SERVLET_CONTEXT_PATH: /
BASYX_CORS_ALLOWED_ORIGINS: '*'
BASYX_CORS_ALLOWED_METHODS: GET,POST,PATCH,DELETE,PUT,OPTIONS,HEAD
BASYX_FEATURE_AUTHORIZATION_ENABLED: true
BASYX_FEATURE_AUTHORIZATION_TYPE: rbac
BASYX_FEATURE_AUTHORIZATION_JWTBEARERTOKENPROVIDER: keycloak
SPRING_SECURITY_OAUTH2_RESOURCESERVER_JWT_ISSUER_URI: http://keycloak.basyx.localhost/realms/BaSyx
BASYX_FEATURE_AUTHORIZATION_RBAC_FILE: file:/workspace/config/rbac_rules.json
ports:
- "8083:8080"
volumes:
- ./basyx/rules/sm_registry_rbac_rules.json:/workspace/config/rbac_rules.json
restart: always
depends_on:
keycloak-healthcheck:
condition: service_completed_successfully
networks:
- basyx-java-server-sdk
# AAS Discovery
aas-discovery:
image: eclipsebasyx/aas-discovery:$BASYX_VERSION
container_name: aas-discovery
extra_hosts:
- "keycloak.basyx.localhost:host-gateway"
environment:
VIRTUAL_HOST: discovery.basyx.localhost
VIRTUAL_PORT: "8081"
volumes:
- ./basyx/aas-discovery.properties:/application/application.properties
- ./basyx/rules/aas_discovery_rbac_rules.json:/application/rbac_rules.json
ports:
- '8084:8081'
restart: always
depends_on:
keycloak-healthcheck:
condition: service_completed_successfully
networks:
- basyx-java-server-sdk
# AAS Web UI
aas-web-ui:
image: eclipsebasyx/aas-gui:$AAS_WEBUI_VERSION
container_name: aas-web-gui
extra_hosts:
- "keycloak.basyx.localhost:host-gateway"
ports:
- '3000:3000'
environment:
VIRTUAL_HOST: aasgui.basyx.localhost
VIRTUAL_PORT: "3000"
AAS_REGISTRY_PATH: http://aasreg.basyx.localhost/shell-descriptors
SUBMODEL_REGISTRY_PATH: http://smreg.basyx.localhost/submodel-descriptors
AAS_REPO_PATH: http://aasenv.basyx.localhost/shells
SUBMODEL_REPO_PATH: http://aasenv.basyx.localhost/submodels
CD_REPO_PATH: http://aasenv.basyx.localhost/concept-descriptions
AAS_DISCOVERY_PATH: http://discovery.basyx.localhost/lookup/shells
KEYCLOAK_URL: http://keycloak.basyx.localhost
KEYCLOAK_REALM: BaSyx
KEYCLOAK_CLIENT_ID: basyx-web-ui
restart: always
depends_on:
aas-env:
condition: service_healthy
networks:
- basyx-java-server-sdk
keycloak:
image: keycloak/keycloak:24.0.4
container_name: keycloak-rbac
environment:
VIRTUAL_HOST: keycloak.basyx.localhost
VIRTUAL_PORT: "8080"
KC_HOSTNAME: keycloak.basyx.localhost
KEYCLOAK_ADMIN: admin
KEYCLOAK_ADMIN_PASSWORD: keycloak-admin
KC_HTTP_ENABLED: "true"
KC_HTTPS_ENABLED: "false"
KC_HEALTH_ENABLED: "true"
KC_IMPORT: /opt/keycloak/data/import/
command: ["start-dev", "--import-realm"]
ports:
- 9097:8080
volumes:
- ./keycloak/realm:/opt/keycloak/data/import
networks:
- basyx-java-server-sdk
keycloak-healthcheck:
image: curlimages/curl:latest
container_name: keycloak-healthcheck
command: >
sh -c "
echo 'Waiting for Keycloak to become ready...';
until curl -sf http://keycloak-rbac:8080/health/ready; do
sleep 5;
done;
echo 'Keycloak is ready!'"
depends_on:
- keycloak
networks:
- basyx-java-server-sdk
networks:
basyx-java-server-sdk:
name: basyx-java-server-sdk
driver: bridge